CVE-2008-4161

SQL injection vulnerability in search_inv.php in Assetman 2.5b allows remote attackers to execute arbitrary SQL commands and conduct session fixation attacks via a combination of crafted order and order_by parameters in a search_all action.
Configurations

Configuration 1

cpe:2.3:a:assetman:assetman:2.5b:*:*:*:*:*:*:*

Information

Published : 2008-09-22 06:52

Updated : 2017-09-29 01:32


NVD link : CVE-2008-4161

Mitre link : CVE-2008-4161

Products Affected
No products.
CWE